Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/kHEe7MWhgj-ps3QL70Tk2podQIc.roa
File: kHEe7MWhgj-ps3QL70Tk2podQIc.roa (raw, json)
Hash identifier: tGP05BevM5EJG+J3f/rzjFOBycK9cangwaiNYo9tX/A=
Subject key identifier: 90:71:1E:EC:C5:A1:82:3F:A9:B3:74:0B:EF:44:E4:DA:9A:1D:40:87
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 018CC80211BFB93D2A2761721AEE2A8855FD
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/kHEe7MWhgj-ps3QL70Tk2podQIc.roa
Signing time: Tue 02 Jan 2024 02:30:27 +0000
ROA not before: Tue 02 Jan 2024 02:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60782
IP address blocks: 185.74.84.0/22 maxlen: 32
185.97.16.0/22 maxlen: 32
79.139.66.0/24 maxlen: 32
79.139.68.0/22 maxlen: 32
79.139.116.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:11:bf:b9:3d:2a:27:61:72:1a:ee:2a:88:55:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Jan 2 02:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90711eecc5a1823fa9b3740bef44e4da9a1d4087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:22:71:4a:60:41:4f:ad:eb:be:76:5c:8c:5e:
e5:e4:41:77:42:a9:a9:16:2f:c8:e0:4e:00:00:c0:
03:22:db:7d:03:96:ef:1f:a7:51:2c:ca:4e:b3:3a:
80:5c:c5:01:93:c1:9f:e9:13:0d:7c:97:ac:27:f7:
d5:0d:30:93:22:6d:1b:37:75:fc:62:e4:2d:39:28:
bf:30:86:19:70:d6:fd:0b:8e:c3:12:60:75:7a:9b:
50:af:5a:40:4f:d5:c0:f7:23:1e:32:5d:c6:b7:c6:
70:f5:e5:63:e1:b3:7c:db:a1:3f:d3:4e:ef:a3:d7:
fe:4b:fc:7c:88:43:1b:56:e5:8b:e3:b3:d3:93:b7:
54:c7:ea:02:ad:8f:76:be:07:74:95:2e:bc:e2:1b:
4e:9f:91:3c:ef:d1:67:6e:0d:91:54:a3:07:d8:db:
1d:a2:72:4d:c0:fa:4c:31:01:18:f2:b8:ba:52:c4:
3b:3d:6b:5c:56:97:be:e8:38:61:74:91:b4:96:fb:
44:73:49:99:b7:8b:41:8d:d9:90:3a:92:e3:55:f6:
f1:25:80:10:35:8e:9c:46:24:15:b8:84:f8:7e:0b:
d7:8e:98:97:96:77:44:99:54:db:f2:b6:1e:6a:4b:
89:3e:74:28:64:9e:d4:39:73:e1:71:c9:c3:5e:47:
b7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:71:1E:EC:C5:A1:82:3F:A9:B3:74:0B:EF:44:E4:DA:9A:1D:40:87
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/kHEe7MWhgj-ps3QL70Tk2podQIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.66.0/24
79.139.68.0/22
79.139.116.0/22
185.74.84.0/22
185.97.16.0/22
Signature Algorithm: sha256WithRSAEncryption
46:45:74:c0:13:0b:7a:91:bf:08:fb:51:77:06:9c:89:a7:b7:
82:f3:3d:06:e1:1f:1c:ec:f9:c2:af:8a:98:2a:02:5c:5f:8e:
03:c7:7b:07:1e:4a:d9:01:90:84:48:09:b6:54:3d:9c:41:90:
b6:72:46:2e:cd:82:6c:73:43:66:ae:05:8f:83:f1:ed:ba:80:
0c:92:5d:be:d6:3c:cc:a0:4e:9c:5a:f2:f4:9d:9b:d8:40:8e:
6d:17:77:f4:33:d7:ad:ed:95:2b:ef:c8:cf:c8:70:35:70:a0:
e0:f1:2c:d2:a8:15:be:16:94:f0:80:b4:19:c2:49:af:e9:0f:
e0:cd:79:91:62:2d:63:41:aa:50:f7:d3:c7:38:4b:b2:65:42:
73:b3:07:f8:65:79:4f:26:42:d8:17:3d:f9:21:87:77:b5:e0:
be:29:74:e6:97:4a:6d:50:fc:e6:89:da:17:f7:b9:96:d6:c8:
ae:19:20:68:33:e2:09:37:69:02:15:1f:bb:25:7e:69:5b:d7:
da:48:e0:5b:2a:b7:65:c5:fe:40:ca:24:52:67:22:e1:0d:80:
0d:5c:42:8d:4a:d7:f4:bf:42:cb:2a:93:29:e4:48:31:dd:86:
3c:ab:64:08:44:43:7e:bf:24:94:34:70:ff:d4:d3:03:be:60:
19:0d:a5:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAhG/uT0qJ2FyGu4qiFX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjQwMTAyMDIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDcxMWVlY2M1YTE4MjNmYTliMzc0MGJlZjQ0ZTRkYTlhMWQ0MDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyJxSmBBT63rvnZcjF7l5EF3Qqmp
Fi/I4E4AAMADItt9A5bvH6dRLMpOszqAXMUBk8Gf6RMNfJesJ/fVDTCTIm0bN3X8
YuQtOSi/MIYZcNb9C47DEmB1eptQr1pAT9XA9yMeMl3Gt8Zw9eVj4bN826E/007v
o9f+S/x8iEMbVuWL47PTk7dUx+oCrY92vgd0lS684htOn5E879Fnbg2RVKMH2Nsd
onJNwPpMMQEY8ri6UsQ7PWtcVpe+6DhhdJG0lvtEc0mZt4tBjdmQOpLjVfbxJYAQ
NY6cRiQVuIT4fgvXjpiXlndEmVTb8rYeakuJPnQoZJ7UOXPhccnDXke38QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJBxHuzFoYI/qbN0C+9E5NqaHUCHMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEva0hFZTdNV2hnai1wczNRTDcwVGsycG9kUUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAT4tCAwQC
T4tEAwQCT4t0AwQCuUpUAwQCuWEQMA0GCSqGSIb3DQEBCwUAA4IBAQBGRXTAEwt6
kb8I+1F3BpyJp7eC8z0G4R8c7PnCr4qYKgJcX44Dx3sHHkrZAZCESAm2VD2cQZC2
ckYuzYJsc0NmrgWPg/HtuoAMkl2+1jzMoE6cWvL0nZvYQI5tF3f0M9et7ZUr78jP
yHA1cKDg8SzSqBW+FpTwgLQZwkmv6Q/gzXmRYi1jQapQ99PHOEuyZUJzswf4ZXlP
JkLYFz35IYd3teC+KXTml0ptUPzmidoX97mW1siuGSBoM+IJN2kCFR+7JX5pW9fa
SOBbKrdlxf5AyiRSZyLhDYANXEKNStf0v0LLKpMp5Egx3YY8q2QIREN+vySUNHD/
1NMDvmAZDaUN
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:44:18 2024 by rpki-client on console-ams.rpki-client.org